Biometric data brokerage system and method for transfer of biometric records between biometric collection devices and biometric processing services

ABSTRACT

A biometric data brokerage system (BDPS) and method for transfer of biometric records between at least one biometric collection device (BCD) and at least one biometric processing service (BPS) are disclosed. Embodiments provide a BDPS that utilizes biometric record translation routines that allow for biometric record submissions from any BCD to any BPS, regardless of biometric record format requirements. The need for costly and proprietary biometric record formatting software on BCDs is thereby eliminated.

FIELD

Embodiments are in the technical field of biometric data systems,particularly biometric data brokerage systems. More particularly,embodiments disclosed herein relate to biometric data brokerage systemsand methods for transfer of biometric records between biometriccollection devices (BCDs) and biometric processing services (BPSs)which, inter alia, allows for biometric record submissions from any BCDto any backend matching service, regardless of biometric record formatrequirements, while eliminating the need for costly and proprietarybiometric record formatting software on BCDs.

BACKGROUND

Current automated biometric identification systems consist of BCDs andBPSs. As a result, the system interface for these systems requiresN-to-N connectivity, typically with custom, proprietary code, which isboth expensive and insecure.

In order to provide biometric records to backend systems for processing(e.g., matching, enrollment, new hire on-boarding, etc.), BCDs need tocollect the biometrics, format all collected data into the appropriatelyformatted record, establish a connection with the backend system andtransmit the record. If that record needs to be sent to multiplelocations, the collection device user must individually initiate eachtransaction. Due to variations in the different formats, certain datapoints may need to be re-entered into different locations. The serviceswhich provide proper standards-based formatting are both expensive andproprietary. In addition, each BCD needs to have a custom connectioncomponent developed for each backend service to which it will need toconnect, resulting in extensive throwaway development. Moreover, eachconnection must adhere to different security requirements which mayoverlap, differ, or even conflict with another connection's securityrequirements.

Today, a multitude of biometric hardware and software vendors provideproprietary biometric solutions for capture and matching of biometricssuch as fingerprints, palm prints, iris, facial, and other measurablebiological (anatomical or physiological) and behavioral characteristicsthat may be used for automated recognition. In many cases, the biometricdevices meet some, but not all, of the various Department of Defense(DOD) and FBI standards for biometric capture and submission.

Thus, it is desirable to provide embodiments of a biometric databrokerage system and method for transfer of biometric records betweenBCDs and BPSs that are able to overcome the above disadvantages therebyeliminating, inter alia, the need for implementing costly, proprietarybiometric record formatting software on capture devices.

SUMMARY

Embodiments are directed to a method for utilizing a BDPS to transferbiometric records between at least one BCD and at least one BPS. Themethod comprises: receiving, via a front-end BCD interface, biometricrecords in a first format transmitted by a first BCD, wherein thebiometric records in the first format correspond to biometric datacollected by the first BCD; translating, via an internal processescomponent, the biometric records in the first format received by thefront-end BCD interface from the first format to a second formatdifferent from the first format; and transmitting, via a back-end BPSinterface, the translated biometric records in the second format to afirst BPS, wherein the translated biometric records in the second formatis compatible with the first BPS.

In an embodiment, a method utilizes a BDPS to transfer biometric recordsbetween multiple BCDs and multiple BPSs.

In an embodiment, a method utilizes a BDPS to transfer biometric recordsin multiple formats between a BCD and multiple BPSs. In anotherembodiment, a method utilizes the BDPS to combine data corresponding toresponses received from the multiple BPSs to form a single report, andfor transmitting the single report to the BCD.

In an embodiment, the data corresponding to the response from the firstBPS and the data corresponding to the response from the second BPScorrespond to a single individual.

Embodiments are also directed to a system including a BDPS thattransfers biometric records between at least one BCD and at least oneBPS. The BDPS is placed between BCDs and BPSs. The BDPS includes threesegments: a front-end BCD interface; an internal processes component;and a back-end BPS interface. The front-end BCD interface receivesbiometric records in a first format transmitted by a first BCD, whereinthe biometric records in the first format correspond to biometric datacollected by the first BCD. The internal processes component translatesthe biometric records in the first format received by the front-end BCDinterface from the first format to a second format different from thefirst format. The back-end BPS interface transmits the translatedbiometric records in the second format to a first BPS, wherein thetranslated biometric records in the second format is compatible with thefirst BPS. Other system embodiments that have similarity to the variousmethod embodiments are described below.

BRIEF DESCRIPTION OF THE DRAWINGS

The detailed description will refer to the following drawings in whichlike numerals refer to like items, and in which:

FIG. 1 is a block diagram of an embodiment of a system including a BDPSthat transfers biometric records between at least one BCD and at leastone BPS.

FIG. 2 is a flowchart illustrating an embodiment of a method forutilizing a BDPS to transfer biometric records between at least one BCDand at least one BPS.

FIG. 3 is a flowchart illustrating an embodiment of a method forutilizing a BDPS to transfer biometric records between multiple BCDs andmultiple BPSs.

FIG. 4 is a flowchart illustrating an embodiment of a method forutilizing a BDPS to transfer biometric records in multiple formatsbetween a BCD and multiple BPSs. The flowchart also illustrates anembodiment of a method for utilizing the BDPS to combine datacorresponding to responses received from the multiple BPSs to form asingle report, and for transmitting the single report to the BCD.

FIG. 5 is a block diagram illustrating an embodiment of a computersystem that may be used in embodiments of a system including a BDPS thattransfers biometric records between a BCD and a BPS.

DETAILED DESCRIPTION

It is to be understood that the figures and descriptions of the presentinvention may have been simplified to illustrate elements that arerelevant for a clear understanding of the present invention, whileeliminating, for purposes of clarity, other elements found in a typicalBCD or typical BPS, or typical method for transfer of biometric recordsfrom a BCD to a BPS. Those of ordinary skill in the art will recognizethat other elements may be desirable and/or required in order toimplement the present invention. However, because such elements are wellknown in the art, and because they do not facilitate a betterunderstanding of the present invention, a discussion of such elements isnot provided herein. It is also to be understood that the drawingsincluded herewith only provide diagrammatic representations of thepresently preferred structures of the present invention and thatstructures falling within the scope of the present invention may includestructures different than those shown in the drawings. Reference willnow be made to the drawings wherein like structures are provided withlike reference designations.

Biometric data is a general phrase for computer data created during abiometric process. It includes, but is not limited to, raw sensorobservations, biometric samples, models, templates and/or similarityscores. Biometric data is used to describe the information collectedduring an enrollment, verification, or identification process, but doesnot apply to end user information such as user name, demographicinformation, and authorizations.

Embodiments for utilizing a BDPS to transfer biometric records betweenat least one BCD and at least one BPS are described. The BDPS wasconceived as a device agnostic biometric store and forward system thatallowed biometric record submissions from any BCD to any backendmatching service (or BPS), regardless of record format requirements.With the BDPS, the need for costly, proprietary biometric recordformatting software on BCDs is eliminated.

The BDPS ingests biometric enrollment files of, for example, ExtensibleMarkup Language (XML) type and translates those files into theappropriate standard(s) format necessary for processing by biometricprocessing repositories (or BPSs) such as Automated BiometricIdentification System (ABIS), Integrated Automated FingerprintIdentification System (IAFIS), and/or Automated Biometric IdentificationSystem (IDENT), etc.

The BDPS facilitates the transfer of biometric records between BCDs andBPSs. The BDPS is a component designed to augment complexbiometrically-enabled systems such as automated biometric identificationsystems for law enforcement and armed services or biometrically enabledenterprise systems (e.g. base access, HR management, etc.).

With reference to FIG. 1, shown is a block diagram of an embodiment of asystem 100 including a BDPS 120 that transfers biometric records betweenat least one BCD 110 and at least one BPS 130. As the BDPS 120 is placedbetween BCDs 110 and BPSs 130, the BDPS 120 may be described asincluding three segments: a front-end BCD interface 122; an internalprocesses component 124; and a back-end BPS interface 126.

Front-end BCD interface 122: Critical to the BDPS 120 design, all BCDs110 only need to interface with a single, unified interface, i.e., thefront-end BCD interface 122. The front-end BCD interface 122 isconsidered “front-end” because the end users (i.e., via the BCDs 110)interact directly with this interface 122 which is the sole (or, atleast, predominant) point of contact or connection of the BCDs 110 withthe BDPS 120. All services are provided through a modern web servicesimplementation that enables preferably both synchronous and asynchronoususage from any connected BCD (be it mobile, web-based, or legacyworkstation applications). Since the BDPS 120 is designed to augmentexisting systems, the BDPS 120 also supports various legacy methods forsubmission including SMTP and SFTP transfers to ensure backwardscompatibility with all currently used devices. In addition, all webservices require the device to authenticate (e.g., through variousmechanisms such as username/password, PKI, etc.) to the BDPS 120 beforeperforming any tasks. This ensures that all users are authorized andprovides a detailed audit trail of each task performed by each user.

Front-End BCD Interface 122 is meant to be a secure communicationchannel endpoint between BCDs 110 and BDPS 120. Physically, it issoftware component(s) running on BDPS 120 that expose secure ports forcommunication with BCDs 110. The Front-End BCD Interface 122 is uniquein that it is designed to be flexible enough to understand and translatevarious payloads that are submitted over the secure interface.

In order to support multiple backend systems, which may each usedifferent standards for biometric record formats, a data structure suchas XML may be utilized that features all the details of the variousformats in a more concise and more human-readable format. The XML formatmay preferably be reduced to its most concise form to best supportmobile collection devices such as smart phones or tablets (or standalone biometric collection devices) that use lower bandwidth connectionsthan traditionally used. In addition, the XML format is designed to behighly configurable so as to allow many customized requirements to bedefined (even while the user is in the field). By enabling heavilycustomizable mission requirements, the user can be explicitly directedas to what and how many biometrics need to be captured to be consideredcomplete. In another step to support legacy devices, the web servicescan also accept records of various standards.

Internal Processes Component 124: More than just a store and forwardservice, BDPS 120 has several components to ensure intelligent behaviorand timely results. As the BDPS 120 can ingest biometric records ineither a defined XML format or in any biometric record standard, theBDPS 120 needs to be able to translate from XML to a standard, from astandard to XML, or from one standard to another. In order to accomplishthis task, the Internal Processes Component 124 includes a BiometricRecord Translation Engine (BRTE) that utilizes data modeling and featuremapping rules distilled from, for example, the DOD, FBI, and/or NationalInstitute of Standards and Technology (NIST) standards, as well as fromrules derived from biometric processing systems operation. Whileingested records can simply be translated and sent out, BPS 130responses must be fused into a single response to provide concise,meaningful data back to the users. Data from disparate BPS 130 responsesare combined into a single report. Records from multiple systems whichrepresent the same individual are combined into a single entity. Reportswill also include any BPS 130 status details relevant to the user (e.g.,service unavailable).

The BDPS 120 may therefore use an XML structure that merges NIST, FBI,and the DOD standards into a light-weight payload without reducingcapability. By using data modeling, data translation, and similarheuristics, the BDPS 120 is able to map the XML format to multiplestandards, variations, and versions. Then significant changes to thesestandards result in new mapping within the BDPS 120 while maintaininglegacy support. The BDPS 120 is able to execute advanced validationcloser to agents to ensure errors are quickly corrected without the needto validate against enterprise biometric matching services.

In order to ensure that each ingested request is fully processed, theBDPS 120 contains a Biometric Record Processing Manager (BRPM) which isresponsible for all the tasks associated with each record. Once a recordis received from the web services interface, the BRPM analyzes theuser's credentials and affiliations, the type of record submitted, theBCD 110 from which the record originated, and any explicitly definedinstructions to determine where the record needs to be processed and towhere/whom the results need to be disseminated. The BRPM handles statusupdates and responses from the back-end BPS interface 126 to handleresubmissions, processing errors, and response on the user's behalf toensure timely responses.

Back-end BPS interface 126: the BDPS 120 is designed such that onceintegrated with a biometric system, the BDPS 120 is the sole (or, atleast, predominant) liaison with a BPS 130. The back-end BCD interface126 is considered “back-end” because the end users (i.e., via the BCDs110) do not interact directly with this interface 126 which is the sole(or, at least, predominant) point of contact or connection of the BPSs130 with the BDPS 120. Given the heterogeneity of each BPS 130, the BDPS120 has a custom biometric interface module (BIM) 127 for each BPS 130.These BIMs 127 handle the connection establishment, data transfers, andresponse acquisitions according to all requirements defined by thespecific BPS 130. Each BIM 127 handles the security and credentialmanagement needed to establish a connection with its BPS 130 includingadditional audit requirements and authentication mechanisms. Since theBDPS 120 resides on a powerful web server (in contrast to a smart-phoneBCD), a vigorous encryption mechanism (e.g. a two-tiered VPN tunnel) maybe deployed without draining constrained resources. Since each BPS 130may feature a different response acquisition mechanism (e.g., SMTP,polling, SFTP delivery, etc.), each BIM 127 provides that mechanism toabstract the variations from the BRPM to ensure seamless behavior.

Back-End BPS Interface 126 is similar to Front-End BCD Interface 122.Back-End BPS Interface 126 is meant to be first a client for submittinga message payload over the interface exposed by BPS 130. Back-End BPSInterface 126 is designed to also receive the response ultimatelygenerated by BPS 130. Physically, it is software component(s) running onBDPS 120 and it is designed to be flexibility enough to be able tocommunicate with various BPSs 130 and their sometimes complicatedpayloads.

The BDPS 120 allows biometric collections to be “fire-and-forget,” sothat an agent may perform multiple biometric captures via a BCD 110,submit the records, and continue his/her necessary duties. If the matchresults of the submissions provide identification from a specificsystem, or the results of fusion within the BDPS 120, then the BDPS 120will retrieve the relevant data from the BPS(s) 130 and provide themeaningful information that enables the agent/warfighter to make anintelligent decision. Also, due to the data translation engine, theresults from differing systems can be fused into a single response thatis provided to the agent via the BCD 110. Consequently, the agent mayonly be interrupted when he/she receives an actionable response.

As mentioned in the Background section above, current automatedbiometric identification systems consist of BCDs and BPSs. As a result,the current system interface requires N-to-N connectivity, typicallywith custom, proprietary code, which is both expensive and insecure. Byinserting the BDPS 120 between the BCDs 110 and the BPSs 130, thecomplexity is drastically reduced as all BCDs 110 only need tocommunicate with one service (i.e., the BDPS 120) and, in turn, thatservice handles connectivity to all backend services (i.e., BPSs 130).By reducing the number of connections on the BCDs 110 to one, the BCDs110 only need to maintain a single connection and only need to provide asingle format, thus eliminating the need for expensive, proprietarystandards formatting services on each BCD 110. Since the BCDs 110 have asingle point of contact to all BPSs 130, each BCD 110 user may submitappropriate records to multiple, heterogeneous backend services througha single submission which drastically reduces a user's workload ascompared to the user submitting each record individually as with currentbiometric identification systems. As a result of the reduced complexity,critical biometric transmission and verification may be provided in nearreal time, and both integration and maintenance costs are driven down.

Rather than ensuring that each BCD 110 has the capability to communicatewith each BPS 130, the BDPS 120 provides a uniform interface that allowsBCDs 110 to draw information from a variety of BPSs 130 simultaneously,i.e., via the BDPS 120. As a web services capability, the BDPS 120drastically reduces the attack space exposed allowing for a clearlydefined perimeter. Consequently, BCDs 110 only need to support thesecurity and authentication mechanisms to connect with the BDPS 120. TheBDPS 120 then handles connections to the disparate service providers(BPSs 130) through a secure tunnel which offers a significantly cleaneraudit capability. In addition, BCDs 110 with low bandwidth send the datato the BDPS 120 which allows the higher bandwidth of the BDPS 120 tosend multiple records out to various BPSs 130.

Since cyber security is a topic of great national interest, any means toreduce susceptibility to attack can be advantageous. With each BCDneeding connectivity to each backend system, the current automatedbiometric identification systems presented extensive attack spaces andrequired overly complex audit tracking. With the BDPS 120, BCDs 110 nolonger need to be on the same, typically highly secure, networks as thebackend services. Instead, the BDPS 120 acts as a portal on the edge ofthe secure network and all secure connections are securely routed from asingle point. This reduction in communications means the BDPS 120 canprovide an accurate, easy to track audit log of connections from BCDs110 and each BPS 130 will only contain audit logs with the the BDPS 120.This reduction in communications also provides a very limited attackspace in that the BDPS 120 (and not every single BCD 110) is the onlymeans of entry into the secure network. Thus, very stringent andredundant security mechanisms can be layered at this entrance present bythe BDPS 120 rather than deploying the same mechanisms to every BCD 110and BPS 130.

With reference to FIG. 2, shown is a flowchart illustrating anembodiment of a method 200 for utilizing a BDPS to transfer biometricrecords between at least one BCD and at least one BPS. The method 200comprises: receiving, via using a front-end BCD interface, biometricrecords in a first format transmitted by a first BCD (block 202),wherein the biometric records in the first format correspond tobiometric data collected by the first BCD; translating, using aninternal process (i.e., via an internal processes component such asinternal processes component 124 (see FIG. 1) which performs processesinternal of the BDPS 120), the biometric records in the first formatreceived by the front-end BCD interface from the first format to asecond format (block 204), wherein the second format is different fromthe first format; and transmitting, via using a back-end BPS interface,the translated biometric records in the second format to a first BPS(block 206), wherein the translated biometric records in the secondformat is compatible with the first BPS. With the translation performed(i.e., via internal processes component 124), of the biometric recordsfrom a first format to a second format as per block 204, the BCDs 110only need to maintain a single connection with front-end BCD interface122. Regardless of the format compatible with the BPSs 130, thebiometric records transmitted by each BCD (which can be in the sameformat for all BCDs or in formats which are different for each BCD) donot need to be translated by the BCDs and thus can be transmitted by theBCDs in any format since the translation of the biometric records into aformat compatible with the targeted BPS is performed via the internalprocesses component 124 within the BDPS 120. Since the BCDs 110 have asingle point of contact to all BPSs 130 (i.e., via the BDPS 120), eachBCD 110 user may submit appropriate records to multiple, heterogeneousBPSs 130 through a single submission.

The translation that occurs within BDPS 120 is flexible and extensibleand can change as new message payloads are added in the future. The BDPS120 will ingest the inbound message from BCD 110 and based on thecontent of that message and the final destination(s) of the ultimatesearch request, be able to map the fields from the inbound message to acompletely different outbound message payload. In non-technical terms,think of it as asking a global question in English and having atranslator be able to ask the same question in many different otherlanguages to other countries, then understanding the answers from thoseother countries, and ultimately consolidating all of the responses andresponding in English back to the originator of the question. Thus, theburden is removed from any submitter (BCD 110) from knowing: a) how tocommunicate with any backend BPS 130; or b) where any backend BPS 130physically resides.

With reference to FIG. 3, shown is a flowchart illustrating anembodiment of a method 300 for utilizing a BDPS to transfer biometricrecords between multiple BCDs and multiple BPSs. The method 300 buildson method 200 and further comprises: receiving, via using the front-endBCD interface, biometric records in a third format transmitted by asecond BCD (block 302), wherein the biometric records in the thirdformat correspond to biometric data collected by the second BCD;translating, using an internal process (i.e., via the internal processescomponent), the biometric records in the third format received by thefront-end BCD interface from the third format to a fourth format (block304), wherein the third format is different from the first and secondformats, and the fourth format is different from the first, second, andthird formats; and transmitting, via using the back-end BPS interface,the translated biometric records in the fourth format to a second BPS(block 306), wherein the translated biometric records in the fourthformat is compatible with the second BPS.

With reference to FIG. 4, shown is a flowchart illustrating anembodiment of a method 400 for utilizing a BDPS to transfer biometricrecords in multiple formats between a BCD and multiple BPSs. Theflowchart also illustrates an embodiment of a method for utilizing theBDPS to combine data corresponding to responses received from themultiple BPSs to form a single report, and for transmitting the singlereport to the BCD. The method 400 includes blocks 402, 404, and 406which correspond to blocks 202, 204, and 206, respectively, from method200 in FIG. 2. However, method 400 in FIG. 4 builds on method 200wherein the receiving further comprises receiving, via using thefront-end BCD interface, additional biometric records in a third formattransmitted by the first BCD (block 403), and wherein the additionalbiometric records in the third format correspond to additional biometricdata collected by the first BCD; wherein the translating furthercomprises translating, using an internal process (i.e., via the internalprocesses component), the additional biometric records in the thirdformat received by the front-end BCD interface from the third format toa fourth format (block 405), and wherein the third format is differentfrom the first and second formats, and the fourth format is differentfrom the first, second, and third formats; and wherein the transmittingfurther comprises transmitting, via using the back-end BPS interface,the translated additional biometric records in the fourth format to asecond BPS (block 407), and wherein the translated additional biometricrecords in the fourth format is compatible with the second BPS.

The method 400 may further comprise: receiving, via using the back-endBPS interface, a response from the first BPS in connection with thetranslated biometric records in the second format and a response fromthe second BPS in connection with the translated additional biometricrecords in the fourth format (block 408); combining, using an internalprocess (i.e., via the internal processes component), data correspondingto the response from the first BPS and data corresponding to theresponse from the second BPS to form a single report (block 410); andtransmitting, via using the front-end BCD interface, the single reportto the first BCD (block 412).

In an embodiment, the data corresponding to the response from the firstBPS and the data corresponding to the response from the second BPScorrespond to a single individual.

With reference to FIG. 5, shown is a block diagram illustratingexemplary hardware components for implementing embodiments of a systemincluding a BDPS that transfers biometric records between at least oneBCD and at least one BPS, and a method thereof. Computer system 500,including client-servers combining multiple computer systems, or othercomputer systems similarly configured, may include and execute one ormore subsystem components to perform functions described herein,including steps of methods and processes described above. Computersystem 500 may connect with network 522, e.g., Internet, or othernetwork, to receive inquires, obtain data, and transmit information andincentives as described above.

Computer system 500 typically includes a memory 502, a secondary storagedevice 504, and a processor 506. Computer system 500 may also include aplurality of processors 506 and be configured as a plurality of, e.g.,bladed servers, or other known server configurations. Computer system500 may also include an input device 508, a display device 510, and anoutput device 512. Memory 502 may include RAM or similar types ofmemory, and it may store one or more applications for execution byprocessor 506. Secondary storage device 504 may include a hard diskdrive, floppy disk drive, CD-ROM drive, or other types of non-volatiledata storage. Processor 506 executes the application(s), such assubsystem components, which are stored in memory 502 or secondarystorage 504 or received from the Internet or other network 522. Theprocessing by processor 506 may be implemented in software, such assoftware modules, for execution by computers or other machines. Theseapplications preferably include instructions executable to perform thesystem and subsystem component (or application) functions and methodsdescribed above and illustrated in the FIGS. herein. The applicationspreferably provide graphical user interfaces (GUIs) through which usersmay view and interact with subsystem components (or application inmobile device).

Computer system 500 may store one or more database structures insecondary storage 504, for example, for storing and maintainingdatabases, and other information necessary to perform theabove-described methods. Alternatively, such databases may be in storagedevices separate from subsystem components.

Also, as noted, processor 506 may execute one or more softwareapplications in order to provide the functions described in thisspecification, specifically to execute and perform the steps andfunctions in the methods described above. Such methods and theprocessing may be implemented in software, such as software modules, forexecution by computers or other machines. The GUIs may be formatted, forexample, as web pages in HyperText Markup Language (HTML), ExtensibleMarkup Language (XML) or in any other suitable form for presentation ona display device depending upon applications used by users to interactwith the system (or application).

Input device 508 may include any device for entering information intocomputer system 500, such as a touch-screen, keyboard, mouse,cursor-control device, touch-screen, microphone, digital camera, videorecorder or camcorder. The input device 508 may be used to enterinformation into GUIs during performance of the methods described above.Display device 510 may include any type of device for presenting visualinformation such as, for example, a computer monitor or flat-screendisplay (or mobile device screen). The display device 510 may displaythe GUIs and/or output from sub-system components (or application).Output device 512 may include any type of device for presenting a hardcopy of information, such as a printer, and other types of outputdevices include speakers or any device for providing information inaudio form.

Examples of computer system 500 include dedicated server computers, suchas bladed servers, personal computers, laptop computers, notebookcomputers, palm top computers, network computers, mobile devices, or anyprocessor-controlled device capable of executing a web browser or othertype of application for interacting with the system.

Although only one computer system 500 is shown in detail, system andmethod embodiments described herein may use multiple computer system orservers as necessary or desired to support the users and may also useback-up or redundant servers to prevent network downtime in the event ofa failure of a particular server. In addition, although computer system500 is depicted with various components, one skilled in the art willappreciate that the server can contain additional or differentcomponents. In addition, although aspects of an implementationconsistent with the above are described as being stored in memory, oneskilled in the art will appreciate that these aspects can also be storedon or read from other types of computer program products orcomputer-readable media, such as secondary storage devices, includinghard disks, floppy disks, or CD-ROM; or other forms of RAM or ROM. Thecomputer-readable media may include instructions for controlling acomputer system, computer system 500, to perform a particular method,such as methods described above.

The contemplated modifications and variations specifically mentionedabove are considered to be within the spirit and scope of the presentinvention.

Those of ordinary skill in the art will recognize that variousmodifications and variations may be made to the embodiments describedabove without departing from the spirit and scope of the presentinvention. It is therefore to be understood that the present inventionis not limited to the particular embodiments disclosed above, but it isintended to cover such modifications and variations as defined by thefollowing claims.

1-28. (canceled)
 29. A method for utilizing a biometric data brokeragesystem (BDPS) to transfer biometric records between at least onebiometric collection device (BCD) and at least one biometric processingservice (BPS), the method comprising: receiving, via a front-end BCDinterface, biometric records in a first format transmitted by said atleast one BCD, wherein the biometric records in the first formatcorrespond to biometric data collected by said at least one BCD;translating, via an internal processes component, the biometric recordsin the first format received by the front-end BCD interface from thefirst format to a second format; transmitting, via a back-end BPSinterface, the translated biometric records in the second format to saidat least one BPS, wherein the translated biometric records in the secondformat is compatible with said at least one BPS; receiving, via theback-end BPS interface, a response from said at least one BPS inconnection with the translated biometric records in the second format;forming a report, via the internal processes component, from datacorresponding to the response from said at least one BPS; andtransmitting, via the front-end BCD interface, the report to said atleast one BCD.
 30. The method of claim 29, wherein the second format isdifferent from the first format.
 31. The method of claim 29, whereinsaid at least one BCD is not in direct contact with said at least oneBPS.
 32. The method of claim 29, further comprising: receiving, via thefront-end BCD interface, biometric records in a third format transmittedby another BCD, wherein the biometric records in the third formatcorrespond to biometric data collected by said another BCD; translating,via the internal processes component, the biometric records in the thirdformat received by the front-end BCD interface from the third format toa fourth format; and transmitting, via the back-end BPS interface, thetranslated biometric records in the fourth format to another BPS,wherein the translated biometric records in the fourth format iscompatible with said another BPS.
 33. The method of claim 32, whereinthe third format is different from the first and second formats, and thefourth format is different from the first, second, and third formats.34. The method of claim 32, further comprising receiving, via theback-end BPS interface, a response from said another BPS in connectionwith the translated biometric records in the fourth format, wherein theforming a report further comprises combining, via the internal processescomponent, data corresponding to the response from said at least one BPSand data corresponding to the response from said another BPS to form asingle report.
 35. The method of claim 29, wherein said receiving, via afront-end BCD interface, further comprises receiving, via the front-endBCD interface, additional biometric records in a third formattransmitted by said at least one BCD, and wherein the additionalbiometric records in the third format correspond to additional biometricdata collected by said at least one BCD; wherein the translating furthercomprises translating, via the internal processes component, theadditional biometric records in the third format received by thefront-end BCD interface from the third format to a fourth format; andwherein the transmitting, via a back-end BPS interface, furthercomprises transmitting, via the back-end BPS interface, the translatedadditional biometric records in the fourth format to another BPS, andwherein the translated additional biometric records in the fourth formatis compatible with said another BPS.
 36. The method of claim 35, whereinthe receiving, via the back-end BPS interface, a response from said atleast one BPS further comprises receiving, via the back-end BPSinterface, a response from said another BPS in connection with thetranslated additional biometric records in the fourth format; andwherein the forming the report further comprises combining, via theinternal processes component, data corresponding to the response fromsaid at least one BPS and data corresponding to the response from saidanother BPS to form a single report.
 37. A biometric data brokeragesystem (BDPS) for transfer of biometric records between at least onebiometric collection device (BCD) and at least one biometric processingservice (BPS), the BDPS comprising: a memory to store a computerexecutable instruction; and a processor to execute the computerexecutable instruction that causes the BDPS to perform operations fortransfer of the biometric records between said at least one BCD and saidat least one BPS, the operations comprising: receiving, via a front-endBCD interface, biometric records in a first format transmitted by saidat least one BCD, wherein the biometric records in the first formatcorrespond to biometric data collected by said at least one BCD;translating, via an internal processes component, the biometric recordsin the first format received by the front-end BCD interface from thefirst format to a second format; transmitting, via a back-end BPSinterface, the translated biometric records in the second format to saidat least one BPS, wherein the translated biometric records in the secondformat is compatible with said at least one BPS; receiving, via theback-end BPS interface, a response from said at least one BPS inconnection with the translated biometric records in the second format;forming a report, via the internal processes component, from datacorresponding to the response from said at least one BPS; andtransmitting, via the front-end BCD interface, the report to said atleast one BCD.
 38. The BDPS of claim 37, wherein the second format isdifferent from the first format.
 39. The BDPS of claim 37, wherein saidat least one BCD is not in direct contact with said at least one BPS.40. The BDPS of claim 37, further comprising: receiving, via thefront-end BCD interface, biometric records in a third format transmittedby another BCD, wherein the biometric records in the third formatcorrespond to biometric data collected by said another BCD; translating,via the internal processes component, the biometric records in the thirdformat received by the front-end BCD interface from the third format toa fourth format; and transmitting, via the back-end BPS interface, thetranslated biometric records in the fourth format to another BPS,wherein the translated biometric records in the fourth format iscompatible with said another BPS.
 41. The BDPS of claim 40, wherein thethird format is different from the first and second formats, and thefourth format is different from the first, second, and third formats.42. The BDPS of claim 40, further comprising receiving, via the back-endBPS interface, a response from said another BPS in connection with thetranslated biometric records in the fourth format, wherein the forming areport further comprises combining, via the internal processescomponent, data corresponding to the response from said at least one BPSand data corresponding to the response from said another BPS to form asingle report.
 43. The BDPS of claim 37, wherein said receiving, via afront-end BCD interface, further comprises receiving, via the front-endBCD interface, additional biometric records in a third formattransmitted by said at least one BCD, and wherein the additionalbiometric records in the third format correspond to additional biometricdata collected by said at least one BCD; wherein the translating furthercomprises translating, via the internal processes component, theadditional biometric records in the third format received by thefront-end BCD interface from the third format to a fourth format; andwherein the transmitting, via a back-end BPS interface, furthercomprises transmitting, via the back-end BPS interface, the translatedadditional biometric records in the fourth format to another BPS, andwherein the translated additional biometric records in the fourth formatis compatible with said another BPS.
 44. The BDPS of claim 43, whereinthe receiving, via the back-end BPS interface, further comprisesreceiving, via the back-end BPS interface, a response from said anotherBPS in connection with the translated additional biometric records inthe fourth format; and wherein the forming the report further comprisescombining, via the internal processes component, data corresponding tothe response from said at least one BPS and data corresponding to theresponse from said another BPS to form a single report.